(Tea Party 247) – This month, the chat app WhatsApp asked all their users to update their systems after a spyware attack.
The attack, however, has all the hallmarks of a “government-sponsored surveillance” attempt, according to Mac Slavo at SHTFPlan.com.
The app, owned by FaceBook, said earlier this month that malicious hackers were able to install spyware on Android phones as well as iPhones and asked users to make sure that their security is up to date.
But even more alarming, Slavo notes, is that it appears the government wants to spy on its own people who use the app.
“The attack has all the hallmarks of a private company reportedly that works with governments to deliver spyware that takes over the functions of mobile phone operating systems,” a WhatsApp spokesperson told MarketWatch.
The surveillance software could be remotely installed on a user’s phone by calling them over the internet (using “VOIP” or voice over internet protocol). Earlier this month, WhatsApp identified and fixed a vulnerability that could enable an attacker to add spyware to devices.
“We believe an attacker tried (and was blocked by WhatsApp) to exploit it as recently as yesterday to target a human rights lawyer,” said Citizen Lab, a research and development group at the Munk School of Global Affairs & Public Policy in the University of Toronto in a tweet about the incident.
WhatsApp has just pushed out updates to close a vulnerability. We believe an attacker tried (and was blocked by WhatsApp) to exploit it as recently as yesterday to target a human rights lawyer. Now is a great time to update your WhatsApp software https://t.co/pJvjFMy2aw https://t.co/e8VQUraZWQ
— Citizen Lab (@citizenlab) May 13, 2019
Many users reportedly complained about the notifications they received from WhatsApp on Monday to update their software. They said that the notifications did not inform them of any security threat, in fact, a pretty serious omission considering the security flaw WhatsApp discovered could have allowed a hacker to read a user’s text messages.
WhatsApp described the breach as a “targeted surveillance attack.” MarketWatch noted that the malicious call which was used to install the spyware may not have even shown up on the user’s app as a missed call.
The website for WhatsApp states that privacy and security are a very big concern to the company, precisely, “Privacy and security is in our DNA.” It adds, “Some of your most personal moments are shared with WhatsApp, which is why we built end-to-end encryption into our app. When end-to-end encrypted, your messages, photos, videos, voice messages, documents, and calls are secured from falling into the wrong hands.”
The Financial Times is also alleging that the software used to try to breach the WhatsApp system was developed by the NSO group, an Israeli-based security company.
NSO Group replied, saying, “NSO’s technology is licensed to authorized government agencies for the sole purpose of fighting crime and terror.”
“Under no circumstances would NSO be involved in the operating or identifying of targets of its technology, which is solely operated by intelligence and law enforcement agencies,” they added.